An insurance company is storing critical financial data in the OCI block volume. This volume is currently encrypted using oracle managed keys. Due to regulatory compliance, the customer wants to encrypt the data using the keys that they can control and not the keys which are controlled by Oracle. What of the following series of tasks are required to encrypt the block volume using customer managed keys?
A. Create a vault, import your master encryption key into the vault, generate data encryption key, assign data encryption key to the block volume
B. Create a master encryption key, create a data encryption key, decrypt the block volume using existing oracle managed keys, encrypt the block volume using the data encryption key
C. Create a vault, create a master encryption key in the vault, assign this master encryption key to the block volume D. Create a master encryption key, create a new version of the encryption key, decrypt the block volume using existing oracle managed keys and encrypt using new version of the encryption key